
18 matches found

SUSE CVE
added 2026/03/02 12:25 a.m., 2 views

SUSE CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

CVSS 6.8, AI score 6, EPSS 0.00023
Exploits 0, References 8

RedhatCVE
added 2026/01/09 8:35 a.m., 5 views

CVE-2024-34716

PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled throu...

CVSS 9.6, AI score 5.4, EPSS 0.42319
Exploits 2, References 1

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-1499

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.5, EPSS 0.00527
Exploits 0, References 5

RedhatCVE
added 2025/02/06 3:46 a.m., 6 views

CVE-2021-26253

A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or...

CVSS 8.1, AI score 6.8, EPSS 0.00204
Exploits 0, References 1

NVD
added 2024/05/14 4:17 p.m., 12 views

CVE-2024-34717

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random securekey parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available...

CVSS 5.3, AI score 5.2, EPSS 0.00527
Exploits 0, References 2

Cvelist
added 2024/05/14 3:47 p.m., 53 views

CVE-2024-34717 Anonymous PrestaShop customer can download other customers' invoices

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random securekey parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available...

CVSS 5.3, AI score 5.4, EPSS 0.00527
Exploits 0, References 2

Vulnrichment
added 2024/05/14 3:47 p.m., 19 views

CVE-2024-34717 Anonymous PrestaShop customer can download other customers' invoices

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random securekey parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available...

CVSS 5.3, AI score 6.7, EPSS 0.00527
Exploits 0, References 2

OSV
added 2024/03/06 10:59 a.m., 29 views

BIT-GRAFANA-2021-39226 Snapshot authentication bypass in grafana

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

CVSS 9.8, AI score 7.1, EPSS 0.9435
Exploits 1, References 10

Github Security Blog
added 2023/12/29 3:30 p.m., 44 views

Mattermost Cross-site Scripting vulnerability

Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web client...

CVSS 6.1, AI score 6.7, EPSS 0.00529
Exploits 0, References 3, Affected Software 1

SUSE CVE
added 2023/02/15 3:38 a.m., 1 views

SUSE CVE-2021-39226

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

CVSS 7.3, AI score 7.2, EPSS 0.9435
Exploits 1, References 20

NVD
added 2021/10/05 6:15 p.m., 20 views

CVE-2021-39226

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...

CVSS 9.8, EPSS 0.9435
Exploits 1, References 9

IBM Security Bulletins
added 2019/05/02 4:35 p.m., 25 views

Security Bulletin: Security vulnerability in FlexNet Publisher affects IBM Rational License Key Server

Summary: A security vulnerability in FlexNet Publisher from Flexera, used by IBM Rational License Key Server has been published. Required remediation has been addressed by IBM Rational License Key Server team. Vulnerability Details: CVEID: CVE-2018-20033 DESCRIPTION: Flexera Software FlexNet...

CVSS 9.8, AI score 1.6, EPSS 0.0437
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2019/04/24 4:50 p.m., 28 views

Security Bulletin: Security vulnerability in Pivotal Spring Framework affects IBM Rational License Key Server Administration & Reporting Tool

Summary: A security vulnerability in Spring Framework, from Pivotal, used by IBM Rational License Key Server Administration & Reporting Tool has been published. Required remediation has been addressed by IBM Rational License Key Server Administration & Reporting Tool team. Vulnerability Details...

CVSS 7.5, AI score 0.9, EPSS 0.20127
Exploits 0, Affected Software 1

OpenVAS
added 2009/07/29 12:0 a.m., 32 views

Gentoo Security Advisory GLSA 200907-06 (acroread)

The remote host is missing updates announced in advisory GLSA 200907-06. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CVSS 10, AI score 7.8, EPSS 0.76196
Exploits 11, References 3

Gentoo Linux
added 2009/07/12 12:0 a.m., 38 views

Adobe Reader: User-assisted execution of arbitrary code

Background: Adobe Reader is a PDF reader released by Adobe. Description: Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter (CVE-2009-0198). Mark Dowd of the IBM Internet Security Systems X-Force and...

CVSS 10, AI score 8.7, EPSS 0.76196
Exploits 11

OpenVAS
added 2009/07/06 12:0 a.m., 31 views

SUSE: Security Advisory for acroread (SUSE-SA:2009:035)

The remote host is missing updates announced in advisory SUSE-SA:2009:035. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

CVSS 9.3, AI score 7.7, EPSS 0.29242
Exploits 1, References 1

OpenVAS
added 2009/07/06 12:0 a.m., 35 views

SuSE Security Advisory SUSE-SA:2009:035 (acroread)

The remote host is missing updates announced in advisory SUSE-SA:2009:035. OpenVAS Vulnerability Test $Id: susesa2009035.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:035 acroread Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVSS 9.3, AI score 0.9, EPSS 0.29242
Exploits 1

OpenVAS
added 2009/06/16 12:0 a.m., 34 views

Adobe Reader Multiple BOF Vulnerabilities (APSB09-07) - Linux

Adobe Reader is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 10, AI score 8, EPSS 0.29242
Exploits 1, References 16